Book Details

ISBN 13: 9781785884351

Paperback: 348 pages

Book Description

Master the power of Splunk and learn the advanced strategies to get the most out of your machine data with this practical advanced guide. Make sense of the hidden data of your organization – the insight of your servers, devices, logs, traffic and clouds. Advanced Splunk shows you how.

Dive deep into Splunk to find the most efficient solution to your data problems. Create the robust Splunk solutions you need to make informed decisions in big data machine analytics. From visualizations to enterprise integration, this well-organized, high-level guide has everything you need for Splunk mastery.

Start with a complete overview of all the new features and advantages of the latest version of Splunk and the Splunk Environment. Go hands-on with uploading data, search commands for basic and advanced analytics, advanced visualization techniques, and dashboard customization. Discover how to tweak Splunk to your needs, and get a complete overview of Enterprise Integration of Splunk with various analytics and visualization tools. Finally, discover how to set up and use all the new features of the latest version of Splunk.

Table of Contents

Chapter 1: What's New in Splunk 6.3?

Splunk's architecture

Search parallelization

Data integrity control

Intelligent job scheduling

The app key-value store

Splunk Enterprise Security

Authentication using SAML

Summary

Chapter 2: Developing an Application on Splunk

Splunk apps and technology add-ons

Developing a Splunk app

Developing a Splunk add-on

Managing Splunk apps and add-ons

Splunk apps from the app store

Summary

Chapter 3: On-boarding Data in Splunk

Deep diving into various input methods and sources

Adding data to Splunk – new interfaces

Data processing

Managing event segmentation

Improving the data input process

Summary

Chapter 4: Data Analytics

Data and indexes

Search

Subsearch

Time

Fields

Results

Summary

Chapter 5: Advanced Data Analytics

Reports

Geography and location

Anomalies

Predicting and trending

Correlation

Machine learning

Summary

Chapter 6: Visualization

Prerequisites – configuration settings

Tables

Single value

Charts

Drilldown

Summary

Chapter 7: Advanced Visualization

Sunburst sequence

Geospatial visualization

Punchcard visualization

Calendar heatmap visualization

The Sankey diagram

Parallel coordinates

The force directed graph

Custom chart overlay

Custom decorations

Summary

Chapter 8: Dashboard Customization

Dashboard controls

Multi-search management

Tokens

Null search swapper

Switcher

Summary

Chapter 9: Advanced Dashboard Customization

Layout customization

Custom look and feel

The custom alert action

Summary

Chapter 10: Tweaking Splunk

Index replication

Indexer auto-discovery

Sourcetype manager

Field extractor

Search history

Event pattern detection

Data acceleration

Splunk buckets

Search optimizations

Splunk health

Summary

Chapter 11: Enterprise Integration with Splunk

The Splunk SDK

Installing the Splunk SDK

The Splunk SDK for Python

Splunk with R for analytics

Splunk with Tableau for visualization

Summary

Chapter 12: What Next? Splunk 6.4

Storage optimization

Machine learning

Management and admin

Indexer and search head enhancement

Visualizations

Multi-search management

Enhanced alert actions

Summary

What You Will Learn

Find out how to develop and manage apps in Splunk

Work with important search commands to perform data analytics on uploaded data

Create visualizations in Splunk

Explore tweaking Splunk

Integrate Splunk with any pre-existing application to perform data crunching efficiently and in real time

Make your big data speak with analytics and visualizations using Splunk

Use SDK and Enterprise integration with tools such as R and Tableau

Authors

Ashish Kumar Tulsiram Yadav

Ashish Kumar Tulsiram Yadav is a BE in computers and has around four and a half years of experience in software development, data analytics, and information security, and around four years of experience in Splunk application development and administration. He has experience of creating Splunk applications and add-ons, managing Splunk deployments, machine learning using R and Python, and analytics and visualization using various tools, such as Tableau and QlikView.

He is currently working with the information security operations team, handling the Splunk Enterprise security and cyber security of the organization. He has worked as a senior software engineer at Larsen & Toubro Technology Services in the telecom consumer electronics and semicon unit providing data analytics on a wide variety of domains, such as mobile devices, telecom infrastructure, embedded devices, Internet of Things (IOT), Machine to Machine (M2M), entertainment devices, and network and storage devices.

He has also worked in the area of information, network, and cyber security in his previous organization. He has experience in OMA LWM2M for device management and remote monitoring of IOT and M2M devices and is well versed in big data and the Hadoop ecosystem. He is a passionate ethical hacker, security enthusiast, and Linux expert and has knowledge of Python, R, .NET, HTML5, CSS, and the C language.

He is an avid blogger and writes about ethical hacking and cyber security on his blogs in his free time. He is a gadget freak and keeps on writing reviews on various gadgets he owns. He has participated in and has been a winner of hackathons, technical paper presentations, white papers, and so on.

Series & Level

We understand your time is important. Uniquely amongst the major publishers, we seek to develop and publish the broadest range of learning and information products on each technology. Every Packt product delivers a specific learning pathway, broadly defined by the Series type. This structured approach enables you to select the pathway which best suits your knowledge level, learning style and task objectives.

Learning

As a new user, these step-by-step tutorial guides will give you all the practical skills necessary to become competent and efficient.

Beginner's Guide

Friendly, informal tutorials that provide a practical introduction using examples, activities, and challenges.

Essentials

Fast paced, concentrated introductions showing the quickest way to put the tool to work in the real world.

Cookbook

A collection of practical self-contained recipes that all users of the technology will find useful for building more powerful and reliable systems.

Blueprints

Guides you through the most common types of project you'll encounter, giving you end-to-end guidance on how to build your specific solution quickly and reliably.

Mastering

Take your skills to the next level with advanced tutorials that will give you confidence to master the tool's most powerful features.

Starting

Accessible to readers adopting the topic, these titles get you into the tool or technology so that you can become an effective user.

Progressing

Building on core skills you already have, these titles share solutions and expertise so you become a highly productive power user.